[Bug 17478] New: When a same-origin URL redirects to another same-origin URL, the spec seems to say to apply the resource sharing check, which would fail if the CORS headers aren't present. This seems wrong.

https://www.w3.org/Bugs/Public/show_bug.cgi?id=17478

           Summary: When a same-origin URL redirects to another
                    same-origin URL, the spec seems to say to apply the
                    resource sharing check, which would fail if the CORS
                    headers aren't present. This seems wrong.
           Product: HTML WG
           Version: unspecified
          Platform: Other
               URL: http://www.whatwg.org/specs/web-apps/current-work/#cor
                    s-enabled-fetch
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P3
         Component: other Hixie drafts (editor: Ian Hickson)
        AssignedTo: ian@hixie.ch
        ReportedBy: contributor@whatwg.org
         QAContact: public-html-bugzilla@w3.org
                CC: mike@w3.org, simonp@opera.com


Specification:
http://www.whatwg.org/specs/web-apps/current-work/multipage/fetching-resources.html
Multipage: http://www.whatwg.org/C#cors-enabled-fetch
Complete: http://www.whatwg.org/c#cors-enabled-fetch

Comment:
When a same-origin URL redirects to another same-origin URL, the spec seems to
say to apply the resource sharing check, which would fail if the CORS headers
aren't present. This seems wrong.

Posted from: 2001:4c28:a030:30:fdc9:a7c:a388:2bea by simonp@opera.com
User agent: Opera/9.80 (Macintosh; Intel Mac OS X 10.7.3; U; en)
Presto/2.10.229 Version/11.64

-- 
Configure bugmail: https://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Wednesday, 13 June 2012 08:53:20 UTC